Abstract: Methods and devices controlling access to content are described. For example, a request to enroll a device is received at a localization hub. The localization hub is associated with a subscriber that is authorized to access the content. A credential is issued to the device. The credential demonstrates that the device is enrolled in the local area network and is authorized to receive the content.

Abstract: A scrambler circuit for digital telephony equipment receives a sequence of input bits, generates the sequence of output bits based on the input bits and stores the sequence of output bits. The generating of the sequence of output bits includes selecting at least one of the stored output bits in accordance with contents of a mask register, and applying a logic operation to a current input bit and the selected at least one stored output bit to provide a current output bit.

Abstract: An inexpensive data storage technique utilizing available capacity in individual computer devices connected to a network is provided. When a backup client (BC) (14) of a user PC receives a backup instruction for a file from a user, the backup client (14) requests backup to a backup control server (20). The backup control server (20) divides and encrypts the file to be backed up into a plurality of encrypted pieces, transfers the encrypted pieces to user PCs (10), and stores the encrypted piece in the HDDs (12) of the user PCs (10). When the destributively backed up file is to be extracted, the user PC 10 obtains each encrypted piece from the user PCs 10 on which they are stored, and combines and decrypts the encrypted pieces to restore the original file.

Abstract: Controlling access to disseminated messages includes implementing one or more key management policies that specify how various encryption keys are maintained and in particular, when encryption keys are made inaccessible. Deleting a particular key renders inaccessible all copies of messages, known or unknown, associated with the particular key, regardless of the location of the associated messages. A message may be directly associated with a deleted key. For example, a message may be directly associated with a deleted key by having been encrypted using the deleted key. A message may also be indirectly associated with a deleted key. For example, a message may be indirectly associated with a deleted key by being encrypted with a key that in turn was encrypted using the deleted key. Any number of levels are indirection are possible and either situation makes the message unrecoverable.

Abstract: A method for a secure transmission of information between a first and a second module is disclosed. Each module contains one of the keys of two pairs of keys. A first number and a second number are randomly generated in the first module, and a third number is randomly generated in the second module. A check is made that a random number encrypted by one of the modules, then decrypted by the other, then re-transmitted re-encrypted to the initial module, is after decryption in the latter identical to the original random number. In each of the modules a common session key K is created independently with at least three same numbers generated randomly partially in one module and partially in the other module. Information transmitted between the two modules is encrypted with the common session key.

Abstract: A system and method for providing end-to-end security of content over a heterogeneous distribution chain is provided. A content owner provides content to an aggregator that receives the content and processes the content. The processing may involve decrypting the content and associating at least one of a unique fingerprint and a watermark to the decrypted content. The unique fingerprint and a watermark to the decrypted content provide identifying characteristics to the content. Additional content-based fingerprints may be used to monitor quality of consumer experience for Video and Audio. The content may be sent in a decrypted state to a client or in an encrypted state. When the content is encrypted the aggregator wraps and encrypts the content with a signature such that an end-to-end flow of the content may be determined. Application Level encryption is used to provide network/distribution medium transparency as well as persistent encryption.

Abstract: A first trusted component on a first computing device performs cryptography, evaluation, and enforcement and is tied thereto, and a first user-machine certificate associated with the first computing device is tied to a user. Correspondingly, a second trusted component on a second computing device performs cryptography, evaluation, and enforcement and is tied thereto, and a second user-machine certificate associated with the second computing device is also tied to the user. The first trusted component obtains the content for rendering on the first computing device by way of the first user-machine certificate and the license, and the second trusted component obtains the content for rendering on the second computing device by way of the second user-machine certificate and the same license.

Abstract: In one embodiment, an apparatus comprises a microcontroller unit to store instructions into an execution queue. The apparatus also comprises an execution queue unit to generate a widely decoded functional execution instruction based on at least one instruction stored in the execution queue. Additionally, the apparatus comprises a functional unit to execute the widely decoded functional execution instruction asynchronous to the generation of the widely decoded functional execution instruction.

Abstract: The disclosed invention allows security of configuration SMS messages through the use of encryption computed with the International Mobile Equipment Identity (IMEI) as a key. Particularly, a text messaging system having the ability to send SMS messages to remotely managed wireless terminal equipment comprises means to generate an encrypted bit string based on the IMEI shared key and to signal use of the security mechanism in available Information Element fields of the TP-User Data of the SMS message. The receiving wireless terminal equipment is configured to process configuration SMS messages encrypted using the IMEI as a key.

Abstract: The present invention is a compression method for compressing digital data. The data is strings of digital values, which can be broken down to a series of 1's and 0's. The present inventive method uses a chaotic system to compress the data. The first step in the inventive method is generating a plurality of periodic orbits that correspond to a plurality of control bit strings. Each of the periodic orbits is formed with a series of numeric values. The next step is to convert the numeric values of the periodic orbits to digital data values, similar in form to the data to be compressed. The digital data values of the periodic orbits are then organized to identically match the original digital data values. Then the control bit strings corresponding to the organized digital data values of the periodic orbits are identified and saved in order, such that applying the control bit strings to the chaotic system will regenerate the original data.

Abstract: An IC card and a method thereof for adding or changing a program for a memory for writing without adversely affecting the function of the IC card and by keeping the security of a program to be written later by restricting writing by a write control program having a decryption function or a program code conversion function

Abstract: A method and apparatus for encryption of data are provided, in which the data is made up of a series of data items (600). The data items (600) maybe bytes of data or blocks of data. The method includes providing a plurality of encryption algorithms (604), selecting when to change encryption algorithm (601), selecting which encryption algorithm to change to (603), wherein each selection is carried out by applying a Chaotic and/or Catastrophic equation. The plurality of encryption algorithms (604) have index numbers and the generation of an index number by applying the Chaotic or Catastrophic equation selects an encryption algorithm. The selection of when to change encryption algorithm may be determined by a Catastrophic event in the Catastrophic equation and the selection of encryption algorithm may be determined by the surface of a Catastrophic curve on which a point lies, wherein each surface corresponds to an encryption algorithm.

Abstract: A method, system and program product for enciphering or deciphering storage of a computing environment by specifying, via an instruction, a unit of storage to be enciphered or deciphered. The unit of storage to be enciphered or deciphered includes a plurality of pages which may be operated on in a chaining operation.

Abstract: A key scheduler for encryption/decryption produces a new ciphering key by a key expansion process or recovers a previous ciphering key by an inverse expansion process. The key scheduler includes a set of adders and transformation circuitry. Each of adders receives a portion of a round key value as its first input. Some of the adders receive either a portion of the round key value or the output of some of the adders, as its second input, be control of arbitration devices. One adder receives as its second input an output from the transformation circuitry, which output is selected by an arbitration device from either a portion of the round key value or an output of an adder. The selection done by the arbitration devices depending on whether the process desired is the key expansion or inverse expansion.

Abstract: A method for conveying a security context, including creating and assigning a virtual address to a client process, issuing a first Internet Protocol version compliant packet wherein the first Internet Protocol version compliant packet comprises a security context, prepending an issued packet with a second Internet Protocol version header producing a second Internet Protocol version compliant packet, forwarding the second Internet Protocol version compliant packet to a recipient, stripping away the second Internet Protocol version compliant header from the second Internet Protocol version compliant packet producing a stripped packet at the recipient, decrypting and authenticating the stripped packet using a particular method as indicated by the security context producing a decrypted and authenticated packet, and routing the decrypted and authenticated packet to a recipient process using the virtual address.

Abstract: In an embodiment, a communication node coupled to a first data network and a second data network is disclosed. The first data network is a wide area data network. The communication node includes a first data interface to the first data network, a second data interface to the second data network, a data processor responsive to the first data interface and to the second data interface, and an encryption module coupled to the data processor. The first data interface is a telephony type interface and the second data interface is a packet data interface. The data processor receives input traffic data carried over the first data interface and generates management performance data based on measurements with respect to the input traffic data. The encryption module receives the management performance data to produce encrypted management performance data to be communicated to the second data network via the second data interface.

Abstract: A user recognition and identification system and method is presented in which text entered by a user at a keyboard is evaluated against previously recorded keystrokes by the user for the presence of repeatable patterns that are unique to an individual.

Abstract: Method and apparatus for integration of network address translation and source address security, including, but not limited to, determining whether a gateway computer is integrated for network address translation and source address security, is described. A client computer requests a first address from the gateway computer and then requests a second address from the gateway computer. The latter request is done with a different client identifier that is nearly equivalent, except for one bit, to the client identifier used for the prior address request. If the gateway computer is integrated for network address translation and source address security, in response to the latter request a public address will be provided from the gateway computer to the client computer.

Abstract: The present invention relates to a method of protecting an electronic chip (1) of a user against fraud in transactions between an application (2) and the electronic chip (1).